A log of random stuff that interests me.

Category Archives: Uncategorized

Recently, I started to play around with ext4 transparent encryption. Following basic instructions from Arch Linux wiki, it was really easy to get it up and running. However, when using it with two ext4 filesystems, things get a little more complicated.

How to get the ext4 filesystem salt?

Each encryption enabled ext4 filesystem has a randomised salt. Salt is added to your key to thwart rainbow table attacks, especially with weak passwords. The salt for an ext4 filesystem is stored in the superblock and can be obtained with the dumpe2fs command:

Which key descriptor corresponds with which filesystem?

When using e4crypt add_key, you will get a separate descriptor for each mounted ext4 encryption enabled filesystem for the same password, due to different filesystems having different salt. Unfortunately it doesn’t say which descriptor was generated from which FS. However, you can determine this by providing the salt (obtained in the previous step) manually to the e4crypt command:

It is important to know which key descriptor corresponds with which filesystem as if you used a descriptor with salt from filesystem 1 on filesystem 2, the descriptor will only ever be there if you add_key while filesystem 1 is mounted. Worse yet, if you reformat filesystem 1 and lose the salt, your filesystem 2 data will be gone forever.

To be safe, when you have multiple mounted filesystems with encryption, I would recommend always providing the salt when add_key.

It’s an extension method, so after importing the namespace (if different), you can use it like this:

var output = "ps aux".Bash();

output will contain the STDOUT of the result. Currently STDERR is not captured, but the above could easily be modified to do just that by changing the property RedirectStandardOutput and reading process.StandardError.

While investigating various options for a managed database solution on Amazon Web Services, I came up with an idea: What if we use Amazon’s S3 file hosting solution as a database? My requirements was that it should be a document database and it should run as cheaply as possible.

So after installing Visual Studio 2015 Update 2, my Xaml Designer decided to stop working. Every time I open the designer by clicking on a xaml file, it would show an error dialog that says “Visual Studio has encountered an unexpected error.” – not very helpful. Going to the menu, Options > Xaml Designer > General property page would yield an error “An error occurred loading this property page”.

I then tried re-installing Visual Studio 2015. Same issue. I then tried opening Expression Blend, it doesn’t work, but I got a some more interesting clues – it tells me to check ActivityLog.xml – In it, there was a telling error:
SetSite failed for package [XamlDesignerPackage][This access control list is not in canonical form and therefore cannot be modified.

Basically my permissions were corrupted somewhere in some file. I had a hunch. A test by logging on to a fresh Windows user account and opening VS xaml editor confirmed that the issue was limited to my profile account. I tried remove all traces of Visual Studio from profile but removing the obvious AppData folder didn’t fix the issue. There were just too many places it hides files. As a last resort, I reset all permissions on my profile folder such that I was the owner and had write access and surprise! it works!! Now I know what to try next time.

Following my post on setting up Let’s Encrypt with nginx, I experimented with installing the certificates from letsencrypt on my mail server. It was surprisingly straightforward. The key was that the verification of the domain, which requires port 80 or port 443 to be accessible on the host of the mail server. I run a secure mail server with Dovecot and Exim. Since on the server, nothing was hosted on port 80, I used the standalone plugin that runs a temporary standalone HTTP server for letsencrypt / certbot to access:

A few days ago I enabled HTTPS and SSL/TLS on this blog. A big barrier to enabling SSL on your website is the cost of the SSL certificate and the maintenance overhead of having to constantly renew your certificate. You could already get free SSL certificates with StartSSL, but the process of obtaining the certificate is still a manual process. A few months ago Mozilla and a bunch of companies came together and created Letsencrypt, a service which issues free SSL certificates that are automatically generated with a command line tool. When set up correctly, it alleviates the need for manual intervention. As of the writing of this blog post, the service is still in beta and support for Nginx is minimal, but it’s not difficult to set up.

For the past few days, my newly installed Visual Studio 2015 would randomly crash, naturally at the most inconvenient of times. In the 10 odd instances I could notice no discernable pattern to the crashes. It seems to happen randomly but consistently.

2015 comes with a new feedback feature in the form of smilies. You can send Microsoft a smile or a frown. I have been sending frowns every time the crash happened. Whoever opens and reads this frown would have seen my increasingly desperate messages.

I have a Linux box that runs both LXC and VirtualBox side by side. All the containers and VMs are set to bridge mode. Unfortunately for some reason, the VirtualBox VMs can’t talk to LXC containers. Pinging yields a response, but any TCP connection fails. Both LXC and VBox can talk to the host fine. This is how you can resolve the issue.

I had this annoying issue where Android Studio kept deleting my top-level project file (.iml) whenever I do a gradle sync. For months I had no idea why and Google search doesn’t seem to show this as a common issue. Finally today I got to the bottom of this.

The issue was the casing of the file names. For the project file, I had mixed capital and lowercase, whereas the project folder name was all lowercase. This inconsistency was due to a move of the project from a windows environment to a mac where I had a different folder name.

The fix for this issue was simple: Close the project in Android Studio and delete all the .iml files. Then use File > Import project and select the project folder and this will regenerate all the .iml files. The new .iml files should now match the case of the folder.